The idea with the projects funded this week - including two new cybersecurity collaborative groups -- is to research, develop, and commercialize a range of cybersecurity services to strengthen the US energy infrastructure against cyber intrusion and assist operators in complying with cybersecurity regulations, said U.S. Energy Secretary Steven Chu.

Least Privilege Architecture for Control Systems: Building upon previous DOE research, Honeywell will research, develop, and commercialize an architecture for critical systems that limits each operator's access and control privileges to the appropriate level for their job function. ($2,203,653)

3. Schweitzer Engineering Laboratories

Watchdog Project: Schweitzer will research, develop, and commercialize a device for the control system LAN that allows only trusted data sources and trusted communication patterns access the network. ($2,974,697)

4. Schweitzer Engineering Laboratories

Whitelist Anti-Virus for Control Systems Project: Schweitzer will research, develop, and commercialize an anti-virus solution for control systems that prevents the execution of unauthorized code and maintains secure settings and configurations, to be integrated with Schweitzer Engineering Laboratories' substation-hardened computers and communication processor. ($1,631,026)

5. Schweitzer Engineering Laboratories

Padlock Project: Schweitzer will research, develop, and commercialize a low-power, small-size plug-in device, referred to as a "dongle," that provides strong authentication, logging, alarming, and secure communications for intelligent electronic devices (IED) in the field. The dongle will detect physical tampering and inform the device developed in the Watchdog Project so that communications received from physically compromised IED are prevented from reaching the control system LAN. ($1,117,003)

6. Siemens Energy Automation

Development and Demonstration of a Security Core Component: Siemens will develop and demonstrate a near-real-time cyber and physical security situational awareness capability for the control system environment. It will provide the control center operator with a toolset and training capability to act aggressively as the front line defense against a cyber attack. ($3,153,293)

7. Sypris Electronics

Centralized Cryptographic Key Management: Sypris will research, develop, and commercialize a cost-effective capability to manage the numerous cryptographic keys assigned to smart meters and other remote devices to secure communications. It will be scalable to accommodate the millions of smart meters within the smart grid advanced metering infrastructure. ($3,141,187)

8. Telcordia Technologies

Tools and Methods for Hardening Communication Security of Energy Delivery Systems: Telcordia will research vulnerabilities in energy sector communication protocols and develop mitigation approaches that harden these protocols against cyber attack while enforcing proper communications within energy delivery systems. ($3,019,158)

9. Energy Sector Security Consortium, Inc. (EnergySec)

EnergySec will strengthen electric sector cybersecurity by establishing a broad-based collaborative public-private partnership; develop cybersecurity solutions to enhance electric infrastructure reliability; provide a path for rapid response to national cybersecurity priorities; supply data analysis and forensics capabilities for cyber-related threat and event assessments; assist in creating a framework to identify and prepare for challenges to grid reliability; share information, best practices, resources, and solutions to and from domestic and international electric sector participants; and encourage key electric sector supplier and vendor support and interaction. EnergySec will form the organization to be known as NESCO. ($5,898,288)

10. Electric Power Research Institute, Inc.

EPRI will conduct assessment and analysis of cybersecurity requirements and results from groups such as the National Institute of Standards and Technology (NIST) and the North American Electric Reliability Corp. (NERC). EPRI will assess existing power system and cybersecurity standards to meet power system security requirements and test security technologies in labs and pilot projects. This project, known as the National Electric Sector Cyber Security Organization Resource (NESCOR), will work collaboratively with NESCO. ($4,100,000)

In addition to the funding, the DOE released a 94-page 2010 U.S. Smart Grid Vendor Ecosystem Report, which highlights $2.75 billion in annual product sales in three key smart grid categories: Advanced Metering Infrastructure, Demand Response, and Distribution Grid Management.

A couple of key findings include:

The increasing data and communications sophistication of smart grid applications is driving dependence on integration and successful partnerships amongst a growing network of companies sharing the market

$1.7 billion in venture capital has been invested into smart grid companies between 2007-2010 with the majority flowing into suppliers of AMI and home and building energy management products.